From 9a6c60a041cc79052e1816e08073d7232e90cb4f Mon Sep 17 00:00:00 2001 From: Anthony Davies Date: Sun, 15 Dec 2019 19:55:27 +1100 Subject: [PATCH] Allow package signing keys to be stored in secret --- overlay/usr/local/bin/build.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/overlay/usr/local/bin/build.sh b/overlay/usr/local/bin/build.sh index a24d9bf..7fcf6f0 100755 --- a/overlay/usr/local/bin/build.sh +++ b/overlay/usr/local/bin/build.sh @@ -88,7 +88,13 @@ changed_aports() { setup_system() { sudo sh -c "echo $MIRROR/$(get_release)/main > /etc/apk/repositories" sudo apk -U upgrade -a || apk fix || die "Failed to up/downgrade system" - abuild-keygen -ain + if [ -z "${PKG_SIGN_KEY:+x}" ]; then + abuild-keygen -ain + else + echo Using pre-generated keys + echo -e "${PKG_SIGN_KEY//$/\\n}" > ~/.abuild/drone.rsa + echo PACKAGER_PRIVKEY=\"/home/buildozer/.abuild/drone.rsa\" > ~/.abuild/abuild.conf + fi sudo sed -i 's/JOBS=[0-9]*/JOBS=$(nproc)/' /etc/abuild.conf mkdir -p "$REPODEST" }